iPhone MIE, Microsoft - Israel MOD, npm supply chain attacks
Blue Security7 Okt

iPhone MIE, Microsoft - Israel MOD, npm supply chain attacks

Summary

In this episode, hosts Andy Jaw and Adam Brewer discuss the newly announced iPhone 17 and its enhanced security features, particularly the memory integrity enforcement that aims to protect user data from spyware. They also delve into Microsoft's response to allegations regarding the use of Azure by the Israeli Defense Force for surveillance purposes, emphasizing the company's commitment to privacy. The conversation concludes with a discussion on recent supply chain attacks affecting NPM packages and the proactive measures being taken to enhance security in the software development ecosystem.

----------------------------------------------------

YouTube Video Link: ⁠⁠⁠⁠⁠https://youtu.be/YLTiud1ibhU

----------------------------------------------------

Documentation:

https://www.theverge.com/news/775234/iphone-17-air-a19-memory-integrity-enforcement-mte-security

https://security.apple.com/blog/memory-integrity-enforcement/

https://blogs.microsoft.com/on-the-issues/2025/09/25/update-on-ongoing-microsoft-review/

https://www.bleepingcomputer.com/news/security/self-propagating-supply-chain-attack-hits-187-npm-packages/

https://github.blog/security/supply-chain-security/our-plan-for-a-more-secure-npm-supply-chain/

----------------------------------------------------

Contact Us:

Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com

Bluesky: https://bsky.app/profile/bluesecuritypod.com

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod

YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast

-----------------------------------------------------------

Andy Jaw

Bluesky: https://bsky.app/profile/ajawzero.com

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/

Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠

----------------------------------------------------

Adam Brewer

Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/

Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Avsnitt(269)

Cybersecurity Talent Gap

Cybersecurity Talent Gap

This week, Adam and Andy talk about the cybersecurity talent gap. They give advice to those who are trying to break into the field as well as hiring managers on changing the way they look at recruiting to widen the talent pipeline. They also talk about how gatekeepers are toxic to the industry. ------------------------------------------- Youtube Video Link: https://youtu.be/Iac0YlqiIx4 ------------------------------------------- Documentation: https://cybersecurity.att.com/blogs/security-essentials/theres-no-such-thing-as-an-entry-level-job-in-cybersecurity https://danielmiessler.com/blog/day-1-skills-required-to-land-an-entry-level-cybersecurity-job/ https://www.cyberseek.org/pathway.html https://twitter.com/FrankMcG/status/1455380836858089477?s=20 ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

8 Nov 202139min

Microsoft Digital Defense Report, Consumer Expectations, and Gartner

Microsoft Digital Defense Report, Consumer Expectations, and Gartner

This week, Adam and Andy talk about Microsoft's Digital Defense Report, consumer expectations of "invisible" security, and should you rip out an information security tool just because it's not on the Gartner Magic Quadrant. ------------------------------------------- Youtube Video Link: https://youtu.be/YXe79Uli1ow ------------------------------------------- Documentation: https://blogs.microsoft.com/on-the-issues/2021/10/07/digital-defense-report-2021/ https://www.darkreading.com/operations/how-to-adapt-to-rising-consumer-expectations-of-invisible-security/a/d-id/1340989?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple https://twitter.com/snorkel42/status/1450492940938321921?s=21 ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

1 Nov 202139min

Windows 365 with Special Guest Bradley Dupay

Windows 365 with Special Guest Bradley Dupay

This week, Adam and Andy talk with Microsoft's Global Black Belt Specialist, Bradley Dupay, about the all new cloud PC offering called Windows 365. They go over how VDI has evolved over the years, the implementation details, use cases, and importance to security defenders. This was an amazing conversation! Listen in on how you can modernize your virtualized desktops for a secure hybrid workplace. ------------------------------------------- Youtube Video Link: https://youtu.be/PVo7_b9BJWg ------------------------------------------- Documentation: https://docs.microsoft.com/en-us/windows-365/overview https://techcommunity.microsoft.com/t5/windows-it-pro-blog/securing-your-windows-365-cloud-pcs/ba-p/2663129 Bradley Dupay Linkedin: https://www.linkedin.com/in/bdupay/ ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

25 Okt 202152min

Facebook Outage Learnings and Windows 11 security

Facebook Outage Learnings and Windows 11 security

This week on the Blue Security Podcast, Adam and Andy talk about the Facebook outage and what security defenders can learn from reading their after actions report. They also dive into Windows 11 and the security features that make it the most secure version of Windows yet. ------------------------------------------- Youtube Video Link: https://youtu.be/DdGeRMkZVOM ------------------------------------------- Documentation: https://www.microsoft.com/security/blog/?p=93810 https://www.microsoft.com/security/blog/2019/10/21/microsoft-and-partners-design-new-device-security-requirements-to-protect-against-targeted-firmware-attacks/ https://www.microsoft.com/security/blog/2020/11/17/meet-the-microsoft-pluton-processor-the-security-chip-designed-for-the-future-of-windows-pcs/ https://www.youtube.com/watch?v=tg9QUrnVFho ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

18 Okt 202134min

You are going to be a victim of ransomware

You are going to be a victim of ransomware

This week on the Blue Security Podcast, Adam and Andy talk about planning to be a victim of ransomware. This is a mindset shift. Instead of focusing on prevention, cybersecurity defenders should plan and practice how to mitigate the damage against a ransomware attack. ------------------------------------------- Youtube Video Link: https://youtu.be/MOq2KhhCjAI ------------------------------------------- Documentation: https://www.darkreading.com/vulnerabilities-threats/you-re-going-to-be-the-victim-of-a-ransomware-attack ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

11 Okt 202121min

TPM design limitations and Apple-Google app store actions

TPM design limitations and Apple-Google app store actions

This week on the Blue Security Podcast, Adam and Andy talk about two interesting topics. The first is a pentesting company's successful hack Bitlocker using a TPM limitation. They talk about why this is complicated and the mitigations for it. They also talk about Apple and Google's decision to pull a voting app from the store in Russia a day before the parliamentary elections and the effect it has on democracy. ------------------------------------------- Youtube Video Link: https://youtu.be/-GNLKWTtxTI ------------------------------------------- Documentation: https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network https://explainxkcd.com/wiki/index.php/538:_Security https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238 ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

4 Okt 202127min

Protonmail kerfuffle

Protonmail kerfuffle

This week on the Blue Security Podcast, Adam and Andy talk about the hot water Protonmail got themselves into when the news reported that they provided IP address and device information on a Protonmail account to the Swiss government. It's a great discussion on privacy vs security and laws that companies have to abide by. ------------------------------------------- Youtube Video Link: https://youtu.be/ZMcUKQstqsA ------------------------------------------- Documentation: https://thehackernews.com/2021/09/protonmail-shares-activists-ip-address.html https://protonmail.com/blog/climate-activist-arrest/ ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

27 Sep 202117min

Misconceptions about MDM

Misconceptions about MDM

This week on the Blue Security Podcast, Adam and Andy go over a bunch of misconceptions about mobile device management spurred by some chatter on Twitter. Should you enroll your personal device with your company's management solution? Listen in as Adam and Andy go over what is technical possible or not possible with MDM solutions. ------------------------------------------- Youtube Video Link: https://youtu.be/RblAsBTYV9s ------------------------------------------- Documentation: https://twitter.com/decryptlyfe/status/1428739410338598913?s=20 https://twitter.com/ashleygjovik/status/1428495420917837826?s=20 https://twitter.com/cherthedev/status/1428808057643966468?s=20 ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

20 Sep 202143min

Populärt inom Teknik

uppgang-och-fall
market-makers
elbilsveckan
rss-badfluence
rss-racevecka
rss-laddstationen-med-elbilen-i-sverige
natets-morka-sida
rss-technokratin
skogsforum-podcast
rss-elektrikerpodden
hej-bruksbil
rss-uppgang-och-fall
bilar-med-sladd
garagehang
developers-mer-an-bara-kod
solcellskollens-podcast
rss-digitala-influencer-podden
rss-veckans-ai
har-vi-akt-till-mars-an
rss-snacka-om-ai