Matthew ran a little late this weekend, so apologies for being a day late deploying the latest security news into your earhole!
We talk Solarwinds and a lawsuit, then a little SEC action. Then we discuss the ever decreasing time frame to patch new vulnerabilities, and we lead off with a little conspiracy theory action about a government contractor that just might be using their privileged position for some man in the middle for the gov. I mean, what legitimate government contractor ISN'T run out of a UPS Store?
Article 1 - Mysterious company with government ties plays key internet role
Supporting Article:
Where does Firefox store cerificates and how to delete one?
Article 2 - Zero-day are exploited on a massive scale in increasingly shorter timeframes
Supporting Article:
Microsoft Digital Defense Report 2022
Intro to HDMoore’s Law
Article 3 - SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach
Supporting Article:
CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS
SOLARWINDS CORPORATION Form 8-K
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
In this week's episode, we discuss a Defcon talk about using AI to parse open source intel and generate more convincing phishing emails, and...
This week we discuss eSIM Stealing (not swapping!), the EPA attempting to secure water systems again, and the coming, future Maximum Overdrive like Apocalypse...
This week we discuss two articles around CNA (an insurer that provides cybersecurity insurance) taking down some of their systems, and an insider threat...
