Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

Defensive Security Podcast Episode 286

Listen Later
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the launch of their new podcast, Getting Defensive. They delve into a CISA report on exploited vulnerabilities, highlighting the concerning trend of zero-day vulnerabilities being exploited. The conversation also covers a GitHub incident involving malicious commits aimed at framing a researcher, Microsoft’s new Windows resiliency initiative, and insights from a CISA red team assessment of a critical infrastructure organization. We emphasize the importance of consent in security assessments and the challenges organizations face in managing risks associated with outdated software.
Takeaways
  • The launch of the new podcast ‘Getting Defensive’ aims to explore deeper cybersecurity topics.
  • CISA’s report indicates a troubling trend of zero-day vulnerabilities being exploited more frequently.
  • Organizations must prioritize patching and mitigating controls to address vulnerabilities effectively.
  • The GitHub incident highlights the risks of malicious commits and the importance of code review.
  • Microsoft’s Windows resiliency initiative introduces new features to enhance security and system integrity.
  • Consent is crucial in penetration testing and security assessments.
  • Organizations often accept risks associated with outdated software, which can lead to vulnerabilities.
  • Effective monitoring and detection are essential to mitigate potential attacks.
  • Ransomware is not the only threat; organizations must be aware of various attack vectors.
  • The CISA red team assessment provides valuable insights into the security posture of critical infrastructure.

    •  

    Links:

    • https://www.darkreading.com/cyberattacks-data-breaches/zero-days-wins-superlative-most-exploited-vulns
    • https://www.bleepingcomputer.com/news/security/github-projects-targeted-with-malicious-commits-to-frame-researcher/
    • https://thehackernews.com/2024/11/microsoft-launches-windows-resiliency.html?m=1
    • https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-326a
      • ...more
      View all episodesView all episodes
      Download on the App Store
      Defensive Security Podcast - Malware, Hacking, Cyber Security & InfosecBy Jerry Bell and Andrew Kalat
      • 4.7
      • 4.7
      • 4.7
      • 4.7
      • 4.7

      4.7

      364 ratings

      More shows like Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

      View all
      Security Now (Audio) by TWiT

      Security Now (Audio)

      1,970 Listeners

      Risky Business by Patrick Gray

      Risky Business

      361 Listeners

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

      626 Listeners

      Hacked by Hacked

      Hacked

      176 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,006 Listeners

      Smashing Security by Graham Cluley & Carole Theriault

      Smashing Security

      312 Listeners

      Click Here by Recorded Future News

      Click Here

      408 Listeners

      Malicious Life by Malicious Life

      Malicious Life

      925 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      7,871 Listeners

      Cybersecurity Today by Jim Love

      Cybersecurity Today

      166 Listeners

      CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

      CISO Series Podcast

      187 Listeners

      Hacking Humans by N2K Networks

      Hacking Humans

      314 Listeners

      Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

      Defense in Depth

      74 Listeners

      Cyber Security Headlines by CISO Series

      Cyber Security Headlines

      127 Listeners

      Risky Bulletin by risky.biz

      Risky Bulletin

      43 Listeners