Basic Auth, Zero Days, & Burnout

Blue Security4 Juli 2022

Basic Auth, Zero Days, & Burnout

This week, Adam and Andy catch up some news in their first live show in a couple of weeks. First they talk about CISA's guidance to federal agencies to switch from basic auth to modern auth due to the retirement of basic auth on Oct 1, 2022. They also give the cumulative count of zero days for 2022 and some best practices for defense. Finally, they talk through the challenges of investing in people and the burnout felt community wide.

-------------------------------------------

Youtube Video Link: https://youtu.be/XM-UwFajxHY

-------------------------------------------

Documentation:

https://www.cisa.gov/sites/default/files/publications/switch-to-modern-authentication-in-exchange-online-062822-508.pdf

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-legacy%20authentication

-------------------------------------------

Contact Us:

Website: http://bluesecuritypod.com

Twitter: https://twitter.com/bluesecuritypod

Linkedin: https://www.linkedin.com/company/bluesecpod

Youtube: https://www.youtube.com/c/BlueSecurityPodcast

Instagram: https://www.instagram.com/bluesecuritypodcast/

Facebook: https://www.facebook.com/bluesecpod

Twitch: https://www.twitch.tv/bluesecuritypod

-------------------------------------------

Andy Jaw

Twitter: https://twitter.com/ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Email: andy@bluesecuritypod.com

-------------------------------------------

Adam Brewer

Twitter: https://twitter.com/ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/

Email: adam@bluesecuritypod.com

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(315)

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

26 Maj 33min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Maj 29min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Maj 29min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

12 Maj 47min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

11 Maj 46min

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Maj 40min

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Maj 40min

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification s...

28 Apr 34min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Populärt inom Teknik

uppgang-och-fall

bilar-med-sladd

rss-elektrikerpodden

rss-laddstationen-med-elbilen-i-sverige

developers-mer-an-bara-kod

natets-morka-sida

rss-technokratin

bli-saker-podden

skogsforum-podcast

bosse-bildoktorn-och-hasse-p

har-vi-akt-till-mars-an

rss-uppgang-och-fall

rss-upplyst-entreprenordirektor

rss-powerboat-sverige-podcast

rss-snacka-om-ai

rss-hit-med-dina-lunchpengar

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium