Search

Home > Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec > Defensive Security Podcast Episode 286
Podcast: Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Episode:

Defensive Security Podcast Episode 286
Category: Technology
Duration: 01:12:36
Publish Date: 2024-11-24 23:52:38
Description:
In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the launch of their new podcast, Getting Defensive. They delve into a CISA report on exploited vulnerabilities, highlighting the concerning trend of zero-day vulnerabilities being exploited. The conversation also covers a GitHub incident involving malicious commits aimed at framing a researcher, Microsoft’s new Windows resiliency initiative, and insights from a CISA red team assessment of a critical infrastructure organization. We emphasize the importance of consent in security assessments and the challenges organizations face in managing risks associated with outdated software.
Takeaways
  • The launch of the new podcast ‘Getting Defensive’ aims to explore deeper cybersecurity topics.
  • CISA’s report indicates a troubling trend of zero-day vulnerabilities being exploited more frequently.
  • Organizations must prioritize patching and mitigating controls to address vulnerabilities effectively.
  • The GitHub incident highlights the risks of malicious commits and the importance of code review.
  • Microsoft’s Windows resiliency initiative introduces new features to enhance security and system integrity.
  • Consent is crucial in penetration testing and security assessments.
  • Organizations often accept risks associated with outdated software, which can lead to vulnerabilities.
  • Effective monitoring and detection are essential to mitigate potential attacks.
  • Ransomware is not the only threat; organizations must be aware of various attack vectors.
  • The CISA red team assessment provides valuable insights into the security posture of critical infrastructure.

 

Links:

  • https://www.darkreading.com/cyberattacks-data-breaches/zero-days-wins-superlative-most-exploited-vulns
  • https://www.bleepingcomputer.com/news/security/github-projects-targeted-with-malicious-commits-to-frame-researcher/
  • https://thehackernews.com/2024/11/microsoft-launches-windows-resiliency.html?m=1
  • https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-326a
Total Play: 0

Users also like

200+ Episodes
Coin Mastery .. 40+     3
3K+ Episodes
The CyberWir .. 100+     20+
1K+ Episodes
NerdCast 34K+     1K+
300+ Episodes
Exploring In .. 80+     6
3K+ Episodes
Paul's Secur .. 10+     8