SS-NEWS-086: Solarwinds facing Lawsuit and Gov Action

Episode 86 November 15, 2022 00:45:21
SS-NEWS-086: Solarwinds facing Lawsuit and Gov Action
Security Serengeti
SS-NEWS-086: Solarwinds facing Lawsuit and Gov Action

Nov 15 2022 | 00:45:21

/

Show Notes

Matthew ran a little late this weekend, so apologies for being a day late deploying the latest security news into your earhole!

We talk Solarwinds and a lawsuit, then a little SEC action.  Then we discuss the ever decreasing time frame to patch new vulnerabilities, and we lead off with a little conspiracy theory action about a government contractor that just might be using their privileged position for some man in the middle for the gov.  I mean, what legitimate government contractor ISN'T run out of a UPS Store?

Article 1 - Mysterious company with government ties plays key internet role
Supporting Article:
Where does Firefox store cerificates and how to delete one?

Article 2 - Zero-day are exploited on a massive scale in increasingly shorter timeframes
Supporting Article:
Microsoft Digital Defense Report 2022
Intro to HDMoore’s Law

Article 3 - SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach
Supporting Article:
CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS
SOLARWINDS CORPORATION Form 8-K

If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

Other Episodes

Episode 63

May 30, 2022 00:33:12
Episode Cover

SS-NEWS-063: Prehijacking Social Media Accounts, and Watching What You Type Before You Submit!

In this episode, we discuss how attackers can prehijack your account on popular social media and other apps, and how a surprising number of...

Listen

Episode 132

December 18, 2023 00:55:16
Episode Cover

SS-NEWS-132: AI Drones, OAuth Abuse, and 23andMe!

This week we discuss Microsoft shutting down a bot network that created millions of fraudulent accounts, the coming AI Drone Overlords, OAuth Abuse, and...

Listen

Episode 30

October 10, 2021 00:36:05
Episode Cover

SS-NEWS-30: Ransomware Disclosure and Why is SIEM Still Terrible?

In this week's episode, we discuss Vendor Security Questionnaire's, Ransomware payment disclosure, Why does SIEM still suck, and finally, vulnerability scanning for just ransomware.  ...

Listen