DtSR Episode 535 – Let's Ask AI Security Questions
TL;DR A few days ago, my pal Kevin asked me if I had seen the LinkedIn post by Helen Patton that asked an interesting question of the podcast space... Her post made me think - why the heck not?...
DtSR Episode 534 – The AppSec is Still a Mess
TL;DR On this episode, we welcome Josh Grossman - who has a pretty interesting perspective on AppSec, or Software Security, or (cringe) "DevSecOps". Josh has a bit of an edge on the subject, so he fits in with myself...
DtSR Episode 533 – Maybe 2023 Won't Suck
TL;DR This week on 2023's first live-streamed episode (technical our first recorded in '23) our friend Larry Whiteside, Jr. joins us to talk about the prospects for 2023 and beyond. We discuss trends, make some rather sad predictions, and...
DtSR Episode 532 – Its the End of 2022 As We Know It
TL;DR Shawn Tuma, our favorite cyber legal eagle, joins Rafal & James to talk about the sorts of things we learned about 2022, in what could be confused for a year-in-review episode. We saw ransomware, big incidents, but overall...
DtSR Episode 531 – Security Guarantees, Warranties, and Insurance
Prologue This week James and I are joined by my good friend and many-timer on the podcast Brandon Dunlap, and our mad genius and serial entrepreneur pal Paul Calatayud to talk about all of these guarantees, warranties, and insurance....
DtSR Episode 530 – The Bold and the Invasive
Prologue Karim Hijazi joins Rafal & James this week on the podcast to talk about some interesting trends and developments in the world of bad actors. It's an interesting update including some things I wasn't expecting to hear about...
DtSR Episode 529 – The CISOs Guide to Liability
Prologue This is a very interesting episode... Gadi Evron joins James and me on this slightly technically difficult (the IPoCP - IP over Carrier Pigeon - was awful at times) episode to talk about the CISO role and the...
DtSR Episode 528 – So Many Vendors, So Few Solutions
Prologue It's always a pleasure when I can get some friends together and banter on about a topic we all find interesting. This week's topic was supposed to be released a bit later, but it couldn't wait. We had so...
DtSR Episode 527 – Fun With Machines Learning
Prologue On this episode Rafal & James re-visit the concepts of machine learning, "artificial intelligence", and applicability to cyber security from Sven Krasser, Chief Scientist at CrowdStrike. Dr Krasser has been working on algorithms and computers analyzing massive amounts...
DtSR Episode 526 – Downmarket SecOps Reality
Prologue This podcast has attempted to go down-market a few times, with some success in discussing the important issues that service providers and security vendors oddly ignore. If you're not in the enterprise, you get ignored by 90%+ of...
DtSR Episode 525 – Practical Zero Trust
Prologue Are you sick of hearing "Zero Trust"? Do you, like us, also feel like it's a marketing buzzword, and then a cute concept that has a very difficult time in reality? Yeah, this episode is for you. David...
DtSR Episode 524 – Cybersecurity Starts and Ends with Assets
Prologue This week, we take it back to the basics, that's right, the basics, as we talk to Huxley Barbee about the need to identify and understand the assets on your network and in your various environments. A fascinating conversation...
DtSR Episode 523 – Practical SASE for the Masses
Prologue Today's guest helps James and Rafal attempt to unravel the completely confusing space of "modern remote access". Some call it SASE, some SSE, some ZTE and some are completely mad and still use the term VPN. Who knows...
DtSR Episode 522 – Insuring Corporate Survival
Prologue It's been a while since we have done an episode on cyber insurance, in fact, the last episode was https://ftwr.libsyn.com/dtsr-episode-454-tpa-cyber-insurance-fact-vs-fiction back in July of 2021. So we revisit with the two experts plus a bonus guest for...
DtSR Episode 521 – The Peanut Gallery Takes on XDR
Prologue Our industry has been talking about XDR for a while now. Some people think it's the savior, some people think it's marketing garbage - and neither of them really understands what this "thing" named XDR is. Well, I figure...
GitHub says hackers cloned code-signing certificates in breached repository
Enlarge
GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom.
Code-signing certificates place...
QNAP addresses a critical flaw impacting its NAS devices
Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices.
QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that...
Chromebook SH1MMER exploit promises admin jailbreak
Schools' laptops are out if this one gets around, but beware bricking Users of enterprise-managed Chromebooks now, for better or worse, have a way to break the shackles of administrative control through an exploit called SHI1MMER.…
MusicLM: Google AI generates music in various genres at 24 kHz
Enlarge / An AI-generated image of an exploding ball of music. (credit: Ars Technica)
On Thursday, researchers from Google announced a new generative AI model called MusicLM that can create...
Russia's Sandworm APT Launches Swarm of Wiper Attacks in Ukraine
The incidents are the latest indication of the growing popularity of dangerous disk wipers, created to disrupt and degrade critical infrastructure and other organizations.
