Matthew ran a little late this weekend, so apologies for being a day late deploying the latest security news into your earhole!
We talk Solarwinds and a lawsuit, then a little SEC action. Then we discuss the ever decreasing time frame to patch new vulnerabilities, and we lead off with a little conspiracy theory action about a government contractor that just might be using their privileged position for some man in the middle for the gov. I mean, what legitimate government contractor ISN'T run out of a UPS Store?
Article 1 - Mysterious company with government ties plays key internet role
Supporting Article:
Where does Firefox store cerificates and how to delete one?
Article 2 - Zero-day are exploited on a massive scale in increasingly shorter timeframes
Supporting Article:
Microsoft Digital Defense Report 2022
Intro to HDMoore’s Law
Article 3 - SolarWinds Faces Potential SEC Enforcement Act Over Orion Breach
Supporting Article:
CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS
SOLARWINDS CORPORATION Form 8-K
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
Spoiler alert - Not in the way the mass media is discussing it, and it's doing a disservice to aspiring security analysts and engineers....
We had originally planned on a discussion about Threat Intel AI this week, but after some discussions with a few vendors, I don't think...
In this episode we review and discuss one of the books on the Cybersecurity Canon - The Phoenix Project! In as spoiler free way...