Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Defensive Security Podcast Episode 280

Listen Later
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kellett delve into key cybersecurity topics. They discuss a recent statement by CISA director Jen Easterly on holding software manufacturers accountable for product defects rather than vulnerabilities, and the need for derogatory names for threat actors to deter cybercrime. The episode also covers Disney’s decision to ditch Slack following a data breach, and the impact of valid account misuse in critical infrastructure attacks. Additionally, they explore new tough cyber regulations in the EU under NIS2, and a Google security flaw from a Black Hat presentation concerning dependency confusion in Apache Airflow. The hosts share their thoughts on industry responses, regulations, and how enterprises can improve their security posture.
00:00 Introduction and Podcast Setup
00:59 First Story: CISA Boss on Insecure Software
03:26 Debate on Software Security Responsibility
11:12 Open Source Software Challenges
15:20 Cloud Imposter Vulnerability
22:22 Disney’s Data Breach and Slack
27:37 Slack Data Breach Concerns
29:26 Critical Infrastructure Vulnerabilities
35:21 EU’s New Cyber Regulations
43:42 Global Regulatory Challenges
48:42 Conclusion and Sign-Off

Links:

  • https://www.theregister.com/2024/09/20/cisa_sloppy_vendors_cybercrime_villains/
  • https://www.tenable.com/blog/cloudimposer-executing-code-on-millions-of-google-servers-with-a-single-malicious-package
  • https://www.cnbc.com/2024/09/19/disney-to-ditch-slack-after-july-data-breach-.html
  • https://www.cybersecuritydive.com/news/cisa-critical-infrastructure-attacks/727225/
  • https://www.cnbc.com/amp/2024/09/20/eu-nis-2-what-tough-new-cyber-regulations-mean-for-big-business.html
    • ...more
    View all episodesView all episodes
    Download on the App Store
    Defensive Security Podcast - Malware, Hacking, Cyber Security & InfosecBy Jerry Bell and Andrew Kalat
    • 4.7
    • 4.7
    • 4.7
    • 4.7
    • 4.7

    4.7

    368 ratings

    More shows like Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

    View all
    Hacked by Hacked

    Hacked

    187 Listeners

    The Changelog: Software Development, Open Source by Changelog Media

    The Changelog: Software Development, Open Source

    288 Listeners

    Security Now (Audio) by TWiT

    Security Now (Audio)

    2,011 Listeners

    Software Engineering Daily by Software Engineering Daily

    Software Engineering Daily

    626 Listeners

    Risky Business by Risky Business Media

    Risky Business

    371 Listeners

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

    651 Listeners

    CyberWire Daily by N2K Networks

    CyberWire Daily

    1,028 Listeners

    Click Here by Recorded Future News

    Click Here

    418 Listeners

    Darknet Diaries by Jack Rhysider

    Darknet Diaries

    8,077 Listeners

    Cybersecurity Today by Jim Love

    Cybersecurity Today

    175 Listeners

    CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

    CISO Series Podcast

    195 Listeners

    Practical AI by Practical AI LLC

    Practical AI

    212 Listeners

    Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

    Defense in Depth

    73 Listeners

    Cybersecurity Headlines by CISO Series

    Cybersecurity Headlines

    139 Listeners

    The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

    The AI Daily Brief: Artificial Intelligence News and Analysis

    688 Listeners