With the 2021 editions of the BlackHat and DEF CON security conferences all wrapped up, one of the presentation that made the biggest waves was the latest research from Orange Tsai of Devcore Security Consulting. Tsai was the researcher responsible for identifying and … Read More
OWASP Update
This week on the podcast we discuss the first update to the OWASP Top 10 since 2017. OWASP servers as an excellent resource for improving web application security so we're … [Read More...]
Azure Linux VMs Vulnerable Due to Pre-Installed Agents
Update 1: OMI agent is not installed on Azure FireboxV/Cloud instances (September 17th, 2021): We reviewed our FireboxV/Cloud instance for Azure and confirmed that the OMI … [Read More...]
ProxyWare
This week on the podcast we cover ProxyWare, a form of malware that monetizes your internet access for the benefit of the attacker. After that, we discuss ChaosDB, a … [Read More...]
Stop Following Me – Rewind
This week on the podcast we dig back in the archives to 2019 where we discussed how web servers manage to track users across sites using browser fingerprinting methods. Even though some improvements like removing third-party cookies have been made to limit tracking, plenty … [Read More...]
PolyNetwork Heist
This week on the podcast we cover one of the largest cryptocurrency heists in history, with a surprising twist of an ending! Before that we'll chat about the latest T-Mobile … [Read More...]
Mobile Carriers Leak 123 million Customer Records in One Week
Over the last week we saw 70 million AT&T customers and 53 million T-Mobile customers have their personal data leaked to hackers. While we didn’t find any connections … [Read More...]
What to Make of the Biden Administration’s New ICS Cybersecurity Initiative
Yesterday, the Biden Administration unveiled a new initiative to help improve the cybersecurity stance of the industrial control systems (ICS) that manage the nation’s critical infrastructure. As recent events (like the Colonial Pipeline ransomware incident) have shown, … [Read More...]
DEF CON 29 Recap
This week on the podcast we chat about a few of our favorite presentations from the 2021 edition of the DEF CON security conference out of Las Vegas. If haven't checked them … [Read More...]
Supply Chain Attacks Through an IDE
David Dworken, a Google security researcher, presented a recent Defcon talk about how he found over 30 vulnerabilities in various Integrated Development Environments (IDEs) … [Read More...]
