Sign up to save your podcasts
Or
Share π¦ Blumira Briefings Ep. 17: Microsoft ADFS Phishing, NHI Boom, SSA Whistleblower
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
π¦ Blumira Briefings Ep. 17: Microsoft ADFS Phishing, NHI Boom, SSA Whistleblower
π Welcome to Blumira Briefings! This week, Zoe is joined by Chris Furner and Mike Toole to download the latest on critical vulnerabilities and emerging threats you need to know about. π
What We Cover This Week:
π³ Critical Docker Desktop vulnerability would allow attacks on host through unauthenticated Engine API accessΒ
π Git code execution vulnerability added to CISA's Known Exploited Vulnerabilities catalog
Β π High-severity vulnerabilities patched in Chrome and Firefox browsers (yes, V8 JS Engine again...)
π Attackers using legit office.com links with ADFS redirects to phish
π€ AI agent security in 2025: non-human identities now outnumber humans 82:1, so... what's your plan?
π¨ Whistleblower reports Social Security database exposure affecting 300+ million Americans
π‘ Quick tip of the week: Treat containers as applications running on your machine and scan them before execution, and check container images for vulnerabilities before running them on your system.
Expert Insights On:
- Container security best practices beyond built-in controls
- Preventing developers from cloning risky Git repositories
- How to start keeping count of non-human identities in your environment
- Evaluating when legacy systems might have better modern alternatives
π° SOURCES:
Docker Desktop Vulnerability: https://www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/Β
CISA Git Vulnerability Alert: https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-git-code-execution-flaw/Β
Chrome/Firefox Patches: https://www.securityweek.com/high-severity-vulnerabilities-patched-in-chrome-firefox/Β
Microsoft ADFS Phishing: http://bleepingcomputer.com/news/security/hackers-steal-microsoft-logins-using-legitimate-adfs-redirects/Β
AI Identity Management: https://www.darkreading.com/cybersecurity-operations/growing-challenge-ai-agent-nhi-managementΒ
Social Security Whistleblower: https://whistleblower.org/press-release/whistleblower-warns-of-possible-risks-to-americans-social-security-information/
π LINKS:Β
How to freeze your credit (Krebs on Security): https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/
OWASP Agentic AI Threats & Mitigations: https://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/
View all episodes
By Blumiraπ Welcome to Blumira Briefings! This week, Zoe is joined by Chris Furner and Mike Toole to download the latest on critical vulnerabilities and emerging threats you need to know about. π
What We Cover This Week:
π³ Critical Docker Desktop vulnerability would allow attacks on host through unauthenticated Engine API accessΒ
π Git code execution vulnerability added to CISA's Known Exploited Vulnerabilities catalog
Β π High-severity vulnerabilities patched in Chrome and Firefox browsers (yes, V8 JS Engine again...)
π Attackers using legit office.com links with ADFS redirects to phish
π€ AI agent security in 2025: non-human identities now outnumber humans 82:1, so... what's your plan?
π¨ Whistleblower reports Social Security database exposure affecting 300+ million Americans
π‘ Quick tip of the week: Treat containers as applications running on your machine and scan them before execution, and check container images for vulnerabilities before running them on your system.
Expert Insights On:
- Container security best practices beyond built-in controls
- Preventing developers from cloning risky Git repositories
- How to start keeping count of non-human identities in your environment
- Evaluating when legacy systems might have better modern alternatives
π° SOURCES:
Docker Desktop Vulnerability: https://www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/Β
CISA Git Vulnerability Alert: https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-git-code-execution-flaw/Β
Chrome/Firefox Patches: https://www.securityweek.com/high-severity-vulnerabilities-patched-in-chrome-firefox/Β
Microsoft ADFS Phishing: http://bleepingcomputer.com/news/security/hackers-steal-microsoft-logins-using-legitimate-adfs-redirects/Β
AI Identity Management: https://www.darkreading.com/cybersecurity-operations/growing-challenge-ai-agent-nhi-managementΒ
Social Security Whistleblower: https://whistleblower.org/press-release/whistleblower-warns-of-possible-risks-to-americans-social-security-information/
π LINKS:Β
How to freeze your credit (Krebs on Security): https://krebsonsecurity.com/2018/09/credit-freezes-are-free-let-the-ice-age-begin/
OWASP Agentic AI Threats & Mitigations: https://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/