https://youtu.be/GYoWiEKod38 This week on the podcast, we cover CISA's newly updated whitepaper on guidance for both software manufacturers and customers on the principals of secure-by-design and secure-by-default. Before that, we cover the Cisco IOS XE vulnerability that is under active exploitation in the wild, give an update on the EPA's efforts to regulate cybersecurity … [Read more...]
The 443 - Security Simplified
Get inside the minds of leading white-hat hackers and security researchers. Each week, we’ll educate and entertain you by breaking down the latest cybersecurity headlines and trends.
Subscribe Here:
Not ready to subscribe? Listen to individual episodes below:
Microsoft is Killing NTLM
https://youtu.be/dSUkvBUDum4 This week on the podcast, we cover the recent HTTP/2 protocol vulnerability that lead to the largest DDoS attack ever recorded by CloudFlare. After that, we discuss Microsoft's announcement about the deprecation of VBScript and the impending removal of NTLM. We then cover a collection of data allegedly stolen from the genealogy website 23 and Me … [Read more...]
Q2 2023 Internet Security Report
https://youtu.be/NVvX02rwlEA This week on the podcast, we go through the latest Internet Security Report from the WatchGuard Threat Lab. We'll cover the top malware and network attack trends from Q2 2023 impacting small and mid-market organization globally before ending with defensive tips anyone can take back to their company. … [Read more...]
Bing Chat Malvertising
https://youtu.be/Io_lubfJgKE This week on the podcast, we discuss an alert from CISA on nation state threat actors embedding malware into legacy Cisco router firmware. After that, we cover a research post on malicious advertisements served up via Bing's ChatGTP integration. We then end with an analysis of North Korea's Lazarus group's latest social engineering techniques. … [Read more...]
Meta’ One Good Deed
https://youtu.be/Yo5GO14F5N0 This week on the podcast, we get up to speed on the MGM and Caesars Entertainment ransomware incidents from the previous week. After that, we take a deep dive into a blog post from Meta's application security team for their VR headsets. After that, we cover Microsoft's analysis of an ATP's pivot from email to another form of phishing. … [Read more...]