Firewalls Don't Stop Dragons Podcast

CrowdStrike Lessons Learned

Listen Later

Last week, we all learned about a company called CrowdStrike that apparently has the capability to single-handedly bring multiple airlines, hospitals and other large companies to their knees in an instant. There are many lessons we should be learning from this incident, though I’m not going to hold my breath. I’ll tell you what happened and what I think we should be doing to avoid a repeat of this incident in the future.

In other news: Google finally throws in the towel on blocking third-party cookies; a private organization claims to have gained access to advertising-based location data on Trump’s shooter; Republican VP candidate JD Vance forgets to make his Venmo data private; leaked docs show what phones Cellebrite can and can’t hack; Meta takes down thousands of accounts related to sextortion ring; and for my Tip of the Week, we’ll tackle part 1 of my article on deleting your public data from the web.

Article Links
  1. [AppleInsider] Google gives up on Chrome plan to ditch third-party cookies https://appleinsider.com/articles/24/07/23/google-gives-up-on-chrome-plan-to-ditch-third-party-cookies
  2. [404media.co] Heritage Foundation Claims to Use Location Data to Track Trump Shooter’s Movements https://www.404media.co/heritage-foundation-claims-to-use-location-data-to-track-trump-shooters-movements/
  3. [9to5Mac] J.D. Vance Venmo connections public, as privacy failing still in place six years later https://9to5mac.com/2024/07/19/jd-vance-venmo-connections-public/
  4. [404media.co] Leaked Docs Show What Phones Cellebrite Can (and Can’t) Unlock https://www.404media.co/leaked-docs-show-what-phones-cellebrite-can-and-cant-unlock/
  5. [The Washington Post] Meta takes down thousands of Facebook, Instagram accounts running sextortion scams from Nigeria https://www.washingtonpost.com/business/2024/07/24/meta-nigeria-sextortion-scam-instagram-facebook/fce496c6-49b8-11ef-9149-c75da5dd9201_story.html
  6. [Schneier Blog] The CrowdStrike Outage and Market-Driven Brittleness https://www.schneier.com/blog/archives/2024/07/the-crowdstrike-outage-and-market-driven-brittleness.html
  7. Tip of the Week:OSINT Reconnaissance:  https://firewallsdontstopdragons.com/osint-reconnaissance/ 
    8. Further Info
    • Book surge results: https://fdsd.me/booksurge 
    • Moxie Marlinspike (Signal) on Cellebrite vulnerabilities: https://signal.org/blog/cellebrite-vulnerabilities/ 
    • Send me your questions! https://fdsd.me/qna 
    • Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 
    • Subscribe to the newsletter: https://fdsd.me/newsletter 
    • Become a patron! https://www.patreon.com/FirewallsDontStopDragons 
    • Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 
    • Give the gift of privacy and security: https://fdsd.me/coupons 
    • Support our mission! https://fdsd.me/support 
    • Generate secure passphrases! https://d20key.com/#/ 
      • Table of Contents

      Use these timestamps to jump to a particular section of the show.

      • 0:00:51: AT&T breach update
      • 0:01:44: News rundown
      • 0:03:56: Google gives up on Chrome plan to ditch third-party cookies
      • 0:08:28: Group Claims to Use Location Data to Track Trump Shooter’s Movements
      • 0:13:42: J.D. Vance Venmo connections public
      • 0:19:28: Leaked Docs Show What Phones Cellebrite Can (and Can’t) Unlock
      • 0:27:35: Meta takes down thousands of accounts running sextortion scams
      • 0:31:21: Lessons from the CrowdStrike Outage
      • 0:44:52: Tip of the Week: OSINT Reconnaissance
      • 0:55:20: Book surge report
      • 0:57:06: More help will be needed
      • 0:58:10: Looking ahead
        • ...more
        View all episodesView all episodes
        Download on the App Store
        Firewalls Don't Stop Dragons PodcastBy Carey Parker
        • 4.9
        • 4.9
        • 4.9
        • 4.9
        • 4.9

        4.9

        64 ratings

        More shows like Firewalls Don't Stop Dragons Podcast

        View all
        Hacked by Hacked

        Hacked

        190 Listeners

        Security Now (Audio) by TWiT

        Security Now (Audio)

        2,011 Listeners

        Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

        Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

        373 Listeners

        Risky Business by Patrick Gray

        Risky Business

        374 Listeners

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

        SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

        655 Listeners

        CyberWire Daily by N2K Networks

        CyberWire Daily

        1,023 Listeners

        Smashing Security by Graham Cluley

        Smashing Security

        318 Listeners

        Click Here by Recorded Future News

        Click Here

        418 Listeners

        Darknet Diaries by Jack Rhysider

        Darknet Diaries

        8,041 Listeners

        Hacking Humans by N2K Networks

        Hacking Humans

        315 Listeners

        Techlore Surveillance Report by Techlore

        Techlore Surveillance Report

        105 Listeners

        Cyber Security Headlines by CISO Series

        Cyber Security Headlines

        138 Listeners

        Risky Bulletin by risky.biz

        Risky Bulletin

        44 Listeners

        Hacker And The Fed by Chris Tarbell & Hector Monsegur

        Hacker And The Fed

        169 Listeners

        The AI Fix by Graham Cluley and Mark Stockley

        The AI Fix

        34 Listeners